An Efficient Authentication for Lightweight Devices by Perfecting Zero-Knowledgeness

Bagus SANTOSO  Kazuo OHTA  Kazuo SAKIYAMA  Goichiro HANAOKA  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E94-A   No.1   pp.92-103
Publication Date: 2011/01/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E94.A.92
Print ISSN: 0916-8508
Type of Manuscript: Special Section PAPER (Special Section on Cryptography and Information Security)
Category: Identification
identification scheme,  RFID,  zero-knowledge,  impersonation,  

Full Text: PDF>>
Buy this Article

We present a new methodology for constructing an efficient identification scheme, and based on it, we propose a lightweight identification scheme whose computational and storage costs are sufficiently low even for cheap devices such as RFID tags. First, we point out that the efficiency of a scheme with statistical zero-knowledgeness can be significantly improved by enhancing its zero-knowledgeness to perfect zero-knowledge. Then, we apply this technique to the Girault-Poupard-Stern (GPS) scheme which has been standardized by ISO/IEC. The resulting scheme shows a perfect balance between communication cost, storage cost, and circuit size (computational cost), which are crucial factors for implementation on RFID tags. Compared to GPS, the communication and storage costs are reduced, while the computational cost is kept sufficiently low so that it is implementable on a circuit nearly as small as GPS. Under standard parameters, the prover's response is shortened 80 bits from 275 bits to 195 bits and in application using coupons, storage for one coupon is also reduced 80 bits, whereas the circuit size is estimated to be larger by only 335 gates. Hence, we believe that the new scheme is a perfect solution for fast authentication of RFID tags.